Responsed Unauthorized 401 in AllowAny permission #8722

junngo · 2022-10-20T02:00:13Z

Hi there :)
I'd like to know you about this situation and this is just a suggestion.

I happened a similar problem in case #2383
I set AllowAny permission, and DRF returns an Unauthorized 401 response.
The reason is If you call API with Authorization property such as Authorization: Bearer null[0], It return 401.

Regardless of whether there is Authorization property or not, should we consider not causing 401 in AllowAny permission?

[0]

The text was updated successfully, but these errors were encountered:

struckchure · 2022-10-24T08:40:44Z

AllowAny tries to verify the token if it exists, if it doesn't exist, it moves on. Passing a null value would raise a 401 as expected, the way I see it, you just shouldn't pass the token if it's not valid

stale · 2022-12-23T23:28:16Z

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

stale bot added the stale label Dec 23, 2022

auvipy removed the stale label Dec 24, 2022

encode locked and limited conversation to collaborators Dec 24, 2022

auvipy converted this issue into discussion #8812 Dec 24, 2022

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

This issue was moved to a discussion.

Responsed Unauthorized 401 in AllowAny permission #8722

Responsed Unauthorized 401 in AllowAny permission #8722

junngo commented Oct 20, 2022

struckchure commented Oct 24, 2022

stale bot commented Dec 23, 2022

This issue was moved to a discussion.

This issue was moved to a discussion.

Responsed Unauthorized 401 in AllowAny permission #8722

Responsed Unauthorized 401 in AllowAny permission #8722

Comments

junngo commented Oct 20, 2022

struckchure commented Oct 24, 2022

stale bot commented Dec 23, 2022

This issue was moved to a discussion.